The present application relates generally to an improved data processing apparatus and method and more specifically to mechanisms for detecting malicious activity in one or more intellectual property (IP) functional units of an integrated circuit (IC) chip.
Since integrated circuits (ICs) are involved in critical aspects of everyday life, the security of ICs is extremely important. For economic reasons, nearly all ICs are fabricated by foreign foundries and include IP functional units supplied by many third-party IP providers. In addition, ICs rely on outsourced design and test services and use automation tools from many different vendors. Such a design and manufacturing process provides an adversary with many opportunities to insert malicious logic that sabotages the operation of an IC used in critical applications.
An intrusion denotes a hostile modification of an IC that occurs before deployment (during design or manufacturing), providing the basis for an attack that may occur later, during the normal operation of the deployed IC. Intrusions may modify the design at different stages, such as the RTL (register-transfer level) description, the gate-level netlist, or the GDSII (Graphic Database System II) layout. Intrusions may target the functional logic or the infrastructure logic inserted in the design to enhance the testability, the reliability, or the manufacturability of the chip (for example, scan chains, built-in self-test, or redundancy and repair logic). Intrusions such as focused ion-beam (FIB) circuit modifications target an already manufactured chip.
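The following is an added illustrative example, not code from the application, of what an RTL-level intrusion of the kind described above can look like. It shows a hypothetical privilege-grant control block in two versions: a clean one, and one carrying a dormant modification that behaves identically until a rare input pattern (the constructed value 8'hA5, repeated sixteen times) arms it, after which the attack fires during normal operation. Module names, signal names, and the trigger value are all assumptions made for the example; the small testbench at the end uses constructed stimulus.

```verilog
// Added example (not from the original application): a hypothetical
// privilege-grant controller, clean and with an RTL-level intrusion.

module reg_ctrl_clean (
    input  wire       clk,
    input  wire       rst_n,
    input  wire [7:0] data_in,
    input  wire       priv_req,
    output reg        priv_grant
);
    // Legitimate behaviour: privilege is granted only when requested.
    always @(posedge clk or negedge rst_n) begin
        if (!rst_n) priv_grant <= 1'b0;
        else        priv_grant <= priv_req;
    end
endmodule

module reg_ctrl_trojan (
    input  wire       clk,
    input  wire       rst_n,
    input  wire [7:0] data_in,
    input  wire       priv_req,
    output reg        priv_grant
);
    // Trigger: count occurrences of a rare data value (assumed 8'hA5).
    // Sixteen hits arm the payload. Ordinary functional verification is
    // unlikely to reach this state, so the design passes pre-silicon test.
    reg [3:0] hits;
    reg       armed;
    always @(posedge clk or negedge rst_n) begin
        if (!rst_n) begin
            hits  <= 4'd0;
            armed <= 1'b0;
        end else if (!armed && data_in == 8'hA5) begin
            hits  <= hits + 4'd1;
            armed <= (hits == 4'd15);   // set on the 16th hit
        end
    end
    // Payload: once armed, privilege is granted regardless of priv_req.
    always @(posedge clk or negedge rst_n) begin
        if (!rst_n) priv_grant <= 1'b0;
        else        priv_grant <= priv_req | armed;
    end
endmodule

// Testbench with constructed stimulus: both designs agree under
// ordinary traffic, then diverge after the trigger sequence.
module tb;
    reg clk = 1'b0, rst_n = 1'b0, priv_req = 1'b0;
    reg [7:0] data_in = 8'h00;
    wire g_clean, g_trojan;
    integer i;

    reg_ctrl_clean  u0 (.clk(clk), .rst_n(rst_n), .data_in(data_in),
                        .priv_req(priv_req), .priv_grant(g_clean));
    reg_ctrl_trojan u1 (.clk(clk), .rst_n(rst_n), .data_in(data_in),
                        .priv_req(priv_req), .priv_grant(g_trojan));

    always #5 clk = ~clk;

    initial begin
        #12 rst_n = 1'b1;
        // Ordinary traffic: outputs match cycle for cycle.
        for (i = 0; i < 8; i = i + 1) begin
            @(negedge clk); data_in = i * 37; priv_req = i % 2;
            @(posedge clk); #1;
            if (g_clean !== g_trojan) $display("MISMATCH at %0t", $time);
        end
        // Trigger sequence: sixteen occurrences of the rare value.
        for (i = 0; i < 16; i = i + 1) begin
            @(negedge clk); data_in = 8'hA5; priv_req = 1'b0;
        end
        // No privilege requested, yet the modified design grants it.
        @(negedge clk); data_in = 8'h00; priv_req = 1'b0;
        @(posedge clk); #1;
        $display("after trigger: clean=%b trojan=%b", g_clean, g_trojan);
        $finish;
    end
endmodule
```

Run with an open-source simulator such as Icarus Verilog (`iverilog -o tb example.v && vvp tb`). The first loop reports no mismatches; the final line reports the clean design at 0 and the modified design at 1, which is the pre-deployment intrusion manifesting as an attack only once the chip is in service.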
Attacks, on the other hand, do not necessarily require a prior intrusion. For example, non-invasive tampering attacks, such as subjecting the chip to radiation or operating the chip outside its specified ranges for voltage, temperature, or frequency, can be carried out without any circuit modification.